On Sun, 03 Sep 2017 12:44:40 +0200 aurelien <[email protected]> wrote:
> The point is that most of free distributions use it to improve > security for the users. That is not exactly true. None of the major distributions ever used grsecurity in their kernels, only some specialized distributions like Gentoo Hardened. This was also often criticized: Given that grsecurity was an out-of-tree effort and only few parts of it were upstreamed it only provided protection for the few that used their kernel-patch, not the average user. > Maybe it should be time to create a GNU Sec project to improve and > share hardened tools There already is the kernel self protection project: https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project Related discussions and patching efforts happen on the kernel-hardening mailing list: http://www.openwall.com/lists/kernel-hardening/ Unlike grsecurity their goal is to upstream security features into the mainline kernel. Also there have been quite some efforts to find kernel security bugs via fuzzing, the most notable is the syzkaller tool: https://github.com/google/syzkaller -- Hanno Böck https://hboeck.de/ mail/jabber: [email protected] GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ libreplanet-discuss mailing list [email protected] https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss
